package org.apache.shiro.realm;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.liwbn.rbac.model.Permission;
import com.liwbn.rbac.model.Role;
import com.liwbn.rbac.model.User;
import com.liwbn.rbac.service.UserService;
import com.liwbn.rbac.vo.UserVO;

/**
 * shiro验证
 */
public class RbacRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    private static final Logger LOGGER = LoggerFactory
            .getLogger(RbacRealm.class);

    /**
     * 获取权限信息
     * 
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(
            PrincipalCollection principals) {
        LOGGER.info("RbacReakm : {}", "获取权限信息");
        String userName = (String) principals.getPrimaryPrincipal();
        UserVO user = userService.selectUserPermissionByUserName(userName);
        if (user != null) {
            List<String> roleList = new ArrayList<String>();
            List<String> permissionList = new ArrayList<String>();
            List<Role> roles = user.getRoles();
            if (roles != null && roles.size() > 0) {
                for (Role role : roles) {
                    if (role.getRoleSign() != null) {
                        roleList.add(role.getRoleSign());
                    }
                }
            }
            List<Permission> permissions = user.getPermissions();
            if (permissions != null & permissions.size() > 0) {
                for (Permission permission : permissions) {
                    permissionList.add(permission.getPermissionSign());
                }
            }
            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            authorizationInfo.addRoles(roleList);
            authorizationInfo.addStringPermissions(permissionList);
            return authorizationInfo;
        } else {
            throw new AuthorizationException();
        }
    }

    /**
     * 用户登录验证
     * 
     * @param authcToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken authcToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        String userName = token.getUsername().trim();
        String password = "";
        if (token.getPassword() != null) {
            password = new String(token.getPassword());
        }
        User user = userService.login(userName, password);
        SimpleAuthenticationInfo authorizationInfo = new SimpleAuthenticationInfo(
                user.getUsername(), user.getPassword(), getName());
        return authorizationInfo;
        // List<UserVO> principals = new ArrayList<>();
        // principals.add(user);
        // PrincipalCollection principalCollection = new
        // SimplePrincipalCollection(
        // principals, getName());
        // return new SimpleAuthenticationInfo(principalCollection,
        // password);
    }

    /**
     * 将在用户退出时删除缓存
     * @param principals
     */
    @Override
    public void doClearCache(PrincipalCollection principals) {
        super.doClearCache(principals);
    }
}
